1 / 23

Wireless Security Analysis and Recommendations

This survey analyzes security techniques of candidate stacks like 802.11, Bluetooth, and ZigBee, covering encryption, authentication, key management, and more. Learn about government considerations, convergence opportunities, and key protocols for enhanced security. Explore the use of AES in CCM mode for encryption and authentication, and discover the cross-layered approach to security in Bluetooth. Gain insights into the security overview of ZigBee, including key management and algorithm considerations. This comprehensive study offers valuable recommendations for improving wireless security protocols.

kermit
Télécharger la présentation

Wireless Security Analysis and Recommendations

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. P1451.5 Security Survey and Recommendations By: Ryon Coleman (rcoleman@3eti.com) October 16, 2003

  2. Agenda – Analyze Security Techniques Of Candidate Stacks & Present Conclusions • 802.11 / 802.11i • Key Management • Encryption • Authentication • Bluetooth • Profile Approach • Layered Framework • ZigBee / 802.15.4 • Government Considerations • Areas for Convergence • Backup Slides

  3. 802.11 Security802.11i Specification for Enhanced Security • IEEE 802.1X-based authentication mechanisms are used, with AES in CCMP mode, to establish an 802.11 Robust Security Network (RSN). • IEEE 802.1X-2001 defines a framework based on the Extensible Authentication Protocol (EAP) over LANs, also known as EAPoL. • EAPoL is used to exchange EAP messages. EAP messages perform authentication and are used for key derivation between a STA and an EAP entity known as the Authentication Server (AS). • 802.11i defines a 4-way handshake using EAPoL for key management / key derivation.

  4. 802.11i Authentication & Key Management Overview

  5. 802.11 EAP Encapsulation • EAPoL frames are normal IEEE 802.11 data frames, thus they follow the format of IEEE 802.11 MSDUs and MPDUs.

  6. EAPoL for Key Exchange • Packet Type = 0x03 in the 802.1X header indicates EAPoL-Key message. • Used by the Authenticator and Supplicant to derive or exchange cryptographic keying information. • After the association first forms, only IEEE 802.1X protocol messages (i.e., EAP and its associated authentication method) flow across the link until authentication completes • The Supplicant’s IEEE 802.1X Port Access Entity (PAE) filters all non-EAP traffic during this period. Until authentication completes with the distribution of a Pairwise Master Key (PMK), the PAE ensures that only EAP packets are sent or received between this STA and the wireless medium.

  7. 802.11 RSN Information Element

  8. Successful 802.1X Authentication Exchange

  9. 4-Way Handshake to DeriveEncryption & Authentication Keys

  10. 4-Way Handshake to DeriveEncryption & Authentication Keys

  11. Pairwise Key HierarchyDerivation Process – For Unicast

  12. Group Key HierarchyDerivation Process – For Multicast

  13. AES Counter + CBC-MAC(CCMP) Provides Encryption & Authentication • The CCMP protocol is based on AES using the CCM mode of operation. • The CCM mode combines Counter (CTR) mode privacy and Cipher Block Chaining Message Authentication Code (CBC-MAC) authentication. • These modes have been used and studied for a long time, have well-understood cryptographic properties, and no known patent encumbrances. • They provide good security and performance in both hardware or software.

  14. 802.11 CCMP Encapsulation

  15. 802.11 CCMP Decapsulation

  16. Bluetooth Security: LAN Access Profile - A Cross-Layered Approach From “Bluetooth Security Whitepaper” Bluetooth SIG Security Expert Group

  17. Bluetooth Security Overview • Bluetooth takes a cross-layered approach to implementing security: • SAFER+ algorithm used at the Baseband for encryption & authentication. • Link Manager specification covers link level procedures for configuring security. • HCI specification details how a host controls security & how security-related events are reported by a Bluetooth module to its host. • Bluetooth SIG whitepaper exists for implementing security and provides examples of how services might use security. • Drawback: SAFER+ (Secure And Fast Encryption Routine) was beaten out by Rijndael for selection for AES in the U.S. • Existing Bluetooth security does not satisfy U.S. DoD requirements.

  18. ZigBee / 802.15.4 Security • Like 802.11i, ZigBee relies on AES CCM as a mainstay for encryption + authentication. • CCM mode consists of CTR mode encryption combined with CBC-MAC authentication to produce an authenticate-and-encrypt block cipher using NIST-approved AES. • AES CCM is intended to provide encryption, sender authentication, and message integrity.

  19. ZigBee Key Management • Currently ZigBee is establishing its key management / key distribution techniques. • Elliptic Curve based techniques are supposedly in the works • Need additional input on ZigBee security from a member representative…

  20. Government Considerations • Currently, there exist four FIPS-approved symmetric key algorithms for encryption: • Advanced Encryption Standard (AES) • Data Encryption Standard (DES) • Triple-DES • Skipjack • AES is the FIPS-Approved symmetric encryption algorithm of choice. • FIPS 197, Advanced Encryption Standard (AES), specifies the AES algorithm (http://csrc.nist.gov/cryptval/) • 802.11i is compliant with NIST FIPS 197 and FIPS 140-2 validation requirements.

  21. Areas for Convergence • AES CCM should be called out by 1451.5 at the MAC sublayer for authentication and encryption. • Key Management is a crucial area for wireless security. 802.11i is good but may be too “heavy” for smart sensors. • Access to ZigBee techniques would be useful in this area • Bluetooth implements a layered approach, but is not in compliance with NIST or DoD requirements. • A strong, layered approach for 1451.5 security would be AES CCM at the MAC plus 802.11i constructs including 802.1X EAPoL for mutual key derivation / key exchange. • Any additional information from Axonn or ZigBee? Form Subgroup?

  22. Backup Slides

  23. Bluetooth Versus OSI Model

More Related